We are working on a custom mobile app to do the wifi setup - the customer creation is taken care of by the web app.
We are not using any user specific calls to a device (the device sends updates to a cloud service where we match to the customer.
Prior finalising the mobile app - can we use the current Particle ios app to create customer/setup wifi (i.e. the new customer creates an account with particle, which they will use only for the purposes of wifi setup), then use the API to transfer the device to a shadow customer attached to an organisation?
If so, once the customer has setup the device, what is the recommended API flow (e.g. 1. create two legged auth customer. 2. Claim device)?
I am running into a sort of similar situation.
I only have a handful of beta units in customer hands and would just like to be able to have to customer setup Wi-Fi using the existing Particle App (without developing a native app).
However, if the user creates a new account on Particle app, the Wi-Fi setup process would prompt the transfer of ownership on the P1 to the customer account. In order to compete the Wi-Fi setup the customer must select transfer ownership. This means I lose the P1 ownership automatically.
I could see the possibility of someone stealing my all my P1s when in the same room on April Fool’s. @jeiden, Is there a way to decouple the Wi-Fi set-up and claiming device ownership?
Hey @bing1106 and @Kevin ,
Thanks for your question. I would say that your approach to setup and device ownership does not align with our recommended path. A main benefit of using the organization -> product -> customer architecture is that you do not need to claim all devices to your individual user account. Instead, you allow your customers to create their own accounts and claim the devices to that account. As a member of the organization, you will have visibility into your customer’s devices, but don’t have direct ownership.
This is only possible if you have your own native mobile application (currently). You cannot use the existing Particle app if you would like to take advantage of the product-creator architecture. There should never really be the situation where a device is transferred from a user to a customer. If the device belongs to a product, it should be setup and claimed by a customer to start.
I’d recommend re-reading the documentation on authentication & security: https://docs.particle.io/guide/how-to-build-a-product/authentication/, as well as our documentation on the iOS SDK for product creators: https://github.com/spark/spark-setup-ios#organization
For @Kevin, one thing that I want to mention is that we are working on an entirely browser-based setup process that would give you the option of whether to use a mobile or web application to use for authentication + device setup. @nexxy is working on this as a top priority, but it is not ready quite yet.
[Edited] Moved my question about this to its own thread here.